Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(ci): scan docker images using trivy #1183

Merged
merged 1 commit into from
Dec 17, 2024
Merged

feat(ci): scan docker images using trivy #1183

merged 1 commit into from
Dec 17, 2024

Conversation

youben11
Copy link
Member

No description provided.

@cla-bot cla-bot bot added the cla-signed label Dec 16, 2024
@chilcano
Copy link

That looks great !!
I've had to read both Github workflows. I recommend to provide info in the PR's description.
Well, both workflows include Trivy Action to scan built and pushed Docker images. Finally, both workflows upload the Trivy reports (sarif format) to Github Security.

chilcano
chilcano approved these changes Dec 16, 2024
View reviewed changes
Copy link

@chilcano chilcano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Both github workflows implement trivy scan for built and pushed docker images and upload trivy sarif reports.
In brief that looks good.

@youben11 youben11 merged commit 04d7fb2 into main Dec 17, 2024
10 checks passed
@youben11 youben11 deleted the ci/trivy branch December 17, 2024 10:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BourgerieQuentin BourgerieQuentin BourgerieQuentin approved these changes

@chilcano chilcano chilcano approved these changes

Assignees
No one assigned
Labels
cla-signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@youben11 @chilcano @BourgerieQuentin